CN110852391A - Ethernet message classification method and device based on multiple classifiers - Google Patents
Abstract
The embodiments of the application provide an Ethernet message classification method and device based on multiple classifiers, applied to an ASIC chip. In the method, the acquired Ethernet message is parsed to obtain domain segment information. The method uses multiple classifiers, each of which can match the domain segment information of a different type of Ethernet message. The parsed domain segment information is matched against the classifiers; when it matches at least one classifier, the corresponding Ethernet message is sent into the corresponding queue of the matched classifier. Because the method and device are applied to an ASIC chip, Ethernet messages are classified before their processing is handed to upper-layer software and the host CPU (central processing unit). This gives the upper-layer application great flexibility in further processing the messages, improves Ethernet message processing efficiency, avoids consuming the computing resources of the host CPU, and improves the running speed of the host CPU.
Description
Technical Field
The present disclosure relates to the field of data communication technologies, and in particular, to a method and an apparatus for classifying ethernet packets based on multiple classifiers.
Background
After receiving an Ethernet message from the network side, the Ethernet card processes it and then sends the processed message to a designated location in host memory through the PCIE interface; the processing includes integrity checking, filtering, replacement editing, and the like. As network applications continue to diversify, so do the ways in which the system must process received Ethernet messages. Different traffic types need to be handed to different upper-layer applications for different processing. Even the same traffic type may be handled in different ways, and even the same application may need to process different messages differently. If all of this complex processing is handed over to upper-layer software and the host CPU, processing efficiency is low and the computing resources of the host CPU are consumed, so the host CPU runs slowly.
Disclosure of Invention
In the related art, the complex Ethernet message processing is handed over entirely to upper-layer software and the host CPU, so that, first, processing efficiency is low and, second, precious computing resources of the host CPU are consumed and the host CPU runs slowly. To overcome these problems, an Ethernet message classification method and device based on multiple classifiers are provided, which improve Ethernet message processing efficiency while avoiding consumption of the host CPU's computing resources and improving the running speed of the host CPU.
In a first aspect of the present application, a method for classifying ethernet packets based on multiple classifiers is provided, where the method is applied to an ASIC chip, and the method includes:
performing domain segment parsing on the acquired Ethernet message to obtain domain segment information of the Ethernet message;
matching the domain segment information with a plurality of classifiers respectively;
and if the domain segment information is matched with at least one classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the matched classifier.
Optionally, the plurality of classifiers include: an Ether type classifier, a quintuple/SYN based classifier, a HASH based look-up table classifier, and an RSS based classifier.
Optionally, the matching the domain segment information with multiple classifiers respectively includes:
matching the domain segment information with the Ether type classifier, and if the domain segment information is matched with the Ether type classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the Ether type classifier;
if the domain segment information is not matched with the Ether type classifier, matching the domain segment information with the five-tuple/SYN-based classifier, and if the domain segment information is matched with the five-tuple/SYN-based classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the five-tuple/SYN-based classifier;
if the domain segment information is not matched with the five-tuple/SYN-based classifier, matching the domain segment information with the HASH table look-up-based classifier, and if the domain segment information is matched with the HASH table look-up-based classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the HASH table look-up-based classifier;
and if the domain segment information is not matched with the HASH-based table look-up classifier, matching the domain segment information with the RSS-based classifier, and if the domain segment information is matched with the RSS-based classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the RSS-based classifier.
Optionally, the domain segment information includes: at least one of message length, Ether Type, Source MAC, Destination MAC, Source IP, Destination IP, protocol, Source Port, Destination Port, SYN field of TCP message and VLAN.
Optionally, if the domain segment information is not matched with the five-tuple/SYN based classifier, matching the domain segment information with the HASH table look-up based classifier, and if the domain segment information is matched with the HASH table look-up based classifier, sending the ethernet packet corresponding to the domain segment information into a corresponding queue of the HASH table look-up based classifier includes:
judging whether the domain segment information comprises at least one of VLAN, Source IP, Destination IP, protocol, Source port and Destination port;
if the domain segment information comprises at least one of VLAN, Source IP, Destination IP, protocol, Source Port and Destination Port, combining at least one of VLAN, Source IP, Destination IP, protocol, Source Port and Destination Port in the domain segment information with any two bytes of data in the Ethernet message, and carrying out AND operation on the combined data and the mask to obtain mask data;
sending the mask data to a HASH calculation module for calculation to obtain HASH data;
searching the HASH data by using the HASH table look-up classifier, and sending the Ethernet message corresponding to the HASH data into the corresponding queue based on the HASH table look-up classifier according to a query result.
Optionally, the method further includes: if the domain segment information does not match any classifier, discarding the Ethernet message corresponding to the domain segment information.
In a second aspect of the present application, an ethernet packet classification device based on multiple classifiers is provided, where the device is applied to an ASIC chip, and the device includes:
the parsing module is used for performing domain segment parsing on the acquired Ethernet message to obtain domain segment information of the Ethernet message;
and the classification module is used for respectively matching the domain segment information with a plurality of classifiers, and if the domain segment information is matched with at least one classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the matched classifier.
Optionally, the plurality of classifiers include: an Ether type classifier, a quintuple/SYN based classifier, a HASH based look-up table classifier, and an RSS based classifier.
Optionally, the classification module includes:
the first sub-classification module is used for matching the domain segment information with the Ether type classifier, and if the domain segment information is matched with the Ether type classifier, the Ethernet message corresponding to the domain segment information is sent to a corresponding queue of the Ether type classifier;
a second sub-classification module, configured to match the domain segment information with the quintuple/SYN-based classifier if the domain segment information is not matched with the Ether type classifier, and send the Ethernet message corresponding to the domain segment information into a corresponding queue of the quintuple/SYN-based classifier if the domain segment information is matched with the quintuple/SYN-based classifier;
a third sub-classification module, configured to match the domain segment information with the HASH-based table look-up classifier if the domain segment information is not matched with the five-tuple/SYN-based classifier, and send the Ethernet message corresponding to the domain segment information to a corresponding queue of the HASH-based table look-up classifier if the domain segment information is matched with the HASH-based table look-up classifier;
and the fourth sub-classification module is used for matching the domain segment information with the RSS-based classifier if the domain segment information is not matched with the HASH-based table look-up classifier, and sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the RSS-based classifier if the domain segment information is matched with the RSS-based classifier.
Optionally, the domain segment information includes: at least one of message length, Ether Type, Source MAC, Destination MAC, Source IP, Destination IP, protocol, Source Port, Destination Port, SYN field of TCP message and VLAN.
Optionally, the third sub-classification module includes:
a judging unit, configured to judge whether the domain segment information includes at least one of VLAN, Source IP, Destination IP, protocol, Source Port, and Destination Port;
a mask AND unit, configured to, if the domain segment information includes at least one of VLAN, Source IP, Destination IP, protocol, Source Port, and Destination Port, combine at least one of VLAN, Source IP, Destination IP, protocol, Source Port, and Destination Port in the domain segment information with any two bytes of data in the Ethernet message, and AND the combined data with the mask to obtain mask data;
the computing unit is used for sending the mask data to the HASH computing module for computing to obtain HASH data;
and the classification unit is used for searching the HASH data by using the HASH table look-up classifier and sending the Ethernet message corresponding to the HASH data into the corresponding queue based on the HASH table look-up classifier according to a query result.
Optionally, the apparatus further comprises: a discarding module, used for discarding the Ethernet message corresponding to the domain segment information if the domain segment information does not match any classifier.
The embodiments of the application provide an Ethernet message classification method and device based on multiple classifiers, applied to an ASIC chip. In the method, the acquired Ethernet message is parsed to obtain domain segment information. The method uses multiple classifiers, each of which can match domain segment information of a different type. The parsed domain segment information is matched against the classifiers; when it matches at least one classifier, the corresponding Ethernet message is sent into the corresponding queue of the matched classifier. The method and device solve the problems of the prior art, in which all of the complex Ethernet message processing is handed to upper-layer software and the host CPU, so that, first, processing efficiency is low and, second, precious computing resources of the host CPU are consumed and the host CPU runs slowly. Because the method and device are applied to an ASIC chip, Ethernet messages are classified before their processing is handed to upper-layer software and the host CPU (central processing unit). This gives the upper-layer application great flexibility in further processing the messages, improves Ethernet message processing efficiency, avoids consuming the computing resources of the host CPU, and improves the running speed of the host CPU.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
Fig. 1 is a schematic workflow diagram of an Ethernet message classification method based on multiple classifiers according to an embodiment of the present application;
Fig. 2 is a schematic diagram of a workflow of matching domain segment information with a plurality of classifiers according to an embodiment of the present application;
Fig. 3 is a schematic diagram of a logical framework for matching domain segment information with a plurality of classifiers according to an embodiment of the present application;
Fig. 4 is a schematic workflow diagram of matching domain segment information with a HASH-based table look-up classifier according to an embodiment of the present application;
Fig. 5 is a schematic diagram of a workflow of matching domain segment information with an RSS classifier according to an embodiment of the present application;
Fig. 6 is a schematic structural diagram of an Ethernet message classification device based on multiple classifiers according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present invention. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the invention, as detailed in the appended claims.
In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the present application, but it will be appreciated by those skilled in the art that the present application may be practiced without these specific details. In other instances, well-known methods, procedures, components, and circuits have not been described in detail as not to unnecessarily obscure aspects of the embodiments.
When a current Ethernet card receives an Ethernet message from the network side, it performs an integrity check on the message and filters out messages that fail the check or are overlong. The Ethernet card then parses the domain segments of the Ethernet message and, after obtaining the DMAC (Destination Media Access Control) domain segment of the message, filters the message according to the parsed DMAC. The filtered message is sent to the designated location in host memory through the PCIE (Peripheral Component Interconnect Express) interface by DMA (Direct Memory Access). When the host needs to send a message, it stores the message at a specified position in memory and notifies the Ethernet card to fetch the message from memory through the PCIE interface by DMA. Once the Ethernet card has fetched the Ethernet message, it sends the message out through the network port. This sending and receiving work is mainly done by the control chip on the Ethernet card and the corresponding driver. The application provides an Ethernet message classification method and device based on multiple classifiers, applied to an Application Specific Integrated Circuit (ASIC) chip; the whole method is implemented by a dedicated ASIC chip working together with a bottom-layer driver. The ASIC chip is arranged between the client and the host: it receives the Ethernet messages sent by the client, classifies them, and then sends them to the host for further data processing.
Referring to the workflow diagram shown in fig. 1, the method comprises the following steps:
Step S101, performing domain segment parsing on the acquired Ethernet message to obtain domain segment information of the Ethernet message. To process Ethernet messages in the diversified ways the embodiment of the present application requires, the message must first be parsed. The embodiment supports Ethernet frames and 802.1Q VLAN (Virtual Local Area Network) frames; at layer 3 it supports IPv4 (Internet Protocol Version 4) and IPv6 (Internet Protocol Version 6), and at layer 4 it supports TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). In the embodiment of the application, the acquired Ethernet message is parsed byte by byte from the beginning, the parsed domain segments are packaged into packet description information, and the packet description information is sent to the later-stage submodules for matching and classification. The domain segment information may include: at least one of message length, Ether Type, Source MAC (source physical address), Destination MAC (destination physical address), Source IP (source address), Destination IP (destination address), Protocol, Source Port, Destination Port, SYN (synchronization) field of a TCP message, and VLAN.
Step S102, matching the domain segment information with a plurality of classifiers respectively. After step S101, the Ethernet message has been parsed into a plurality of domain segments, and these domain segments may correspond to different types of classifiers. For example, domain segment A corresponds to classifier A1, domain segment B corresponds to classifier B1, and so on; each piece of parsed domain segment information is matched with its corresponding classifier.
Step S103, if the domain segment information is matched with at least one classifier, the Ethernet message corresponding to the domain segment information is sent to a corresponding queue of the matched classifier. After the matching process of step S102, if the domain segment information can be matched with at least one classifier of the multiple classifiers, the corresponding ethernet packet may be sent to the matched classifier. In addition, the classifier is provided with a plurality of queues, and the Ethernet message can be further sent to the corresponding queues of the classifier according to the domain segment information.
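Step S101's field parsing, narrowed to Ethernet/802.1Q frames carrying IPv4 with TCP or UDP, as an added example that is not code from the patent. The `pkt_desc` layout, the function names and the sample frame are assumptions constructed for illustration; every header read is bounds-checked so that a truncated frame is rejected instead of being classified.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Packet description built by the parser. The struct layout is an assumption
 * of this example; the page only lists which fields are extracted. */
struct pkt_desc {
    uint16_t length;              /* message length in bytes */
    uint8_t  dmac[6], smac[6];    /* Destination MAC, Source MAC */
    uint16_t ether_type;          /* Ether Type after any 802.1Q tag */
    uint16_t vlan;                /* 12-bit VLAN ID, valid if has_vlan */
    uint32_t src_ip, dst_ip;      /* IPv4 addresses, host byte order */
    uint16_t src_port, dst_port;
    uint8_t  protocol;            /* IPv4 protocol number */
    uint8_t  has_vlan, has_ip, has_l4, syn;
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }

/* Parse an Ethernet / 802.1Q frame carrying IPv4 + TCP/UDP.
 * Returns 0 on success, -1 when the frame is shorter than the headers it
 * announces; the caller drops such a frame instead of classifying it. */
int parse_frame(const uint8_t *f, size_t len, struct pkt_desc *d)
{
    size_t off = 14, ihl;

    memset(d, 0, sizeof *d);
    if (len < 14 || len > 0xFFFF) return -1;
    d->length = (uint16_t)len;
    memcpy(d->dmac, f, 6);
    memcpy(d->smac, f + 6, 6);
    d->ether_type = rd16(f + 12);
    if (d->ether_type == 0x8100) {               /* 802.1Q tag present */
        if (len < 18) return -1;
        d->vlan = rd16(f + 14) & 0x0FFF;
        d->has_vlan = 1;
        d->ether_type = rd16(f + 16);
        off = 18;
    }
    if (d->ether_type != 0x0800) return 0;       /* not IPv4: L2 fields only */

    if (len < off + 20) return -1;
    ihl = (size_t)(f[off] & 0x0F) * 4;           /* header length incl. options */
    if ((f[off] >> 4) != 4 || ihl < 20 || len < off + ihl) return -1;
    d->protocol = f[off + 9];
    d->src_ip = rd32(f + off + 12);
    d->dst_ip = rd32(f + off + 16);
    d->has_ip = 1;
    if (rd16(f + off + 6) & 0x1FFF) return 0;    /* later fragment: no L4 header */

    off += ihl;
    if (d->protocol == 6) {                      /* TCP */
        if (len < off + 20) return -1;
        d->syn = (f[off + 13] & 0x02) != 0;
    } else if (d->protocol == 17) {              /* UDP */
        if (len < off + 8) return -1;
    } else {
        return 0;
    }
    d->src_port = rd16(f + off);
    d->dst_port = rd16(f + off + 2);
    d->has_l4 = 1;
    return 0;
}

/* Constructed sample: VLAN 100, 192.0.2.10:50000 -> 198.51.100.20:443, TCP SYN.
 * Checksums are left at 0 because this example does not verify them. */
static const uint8_t SAMPLE_FRAME[58] = {
    0x02,0,0,0,0,0x01, 0x02,0,0,0,0,0x02, 0x81,0x00, 0x00,0x64, 0x08,0x00,
    0x45,0x00,0x00,0x28, 0x00,0x00,0x40,0x00, 0x40,0x06,0x00,0x00,
    0xC0,0x00,0x02,0x0A, 0xC6,0x33,0x64,0x14,
    0xC3,0x50,0x01,0xBB, 0,0,0,1, 0,0,0,0, 0x50,0x02,0xFF,0xFF, 0,0,0,0
};

int main(void)
{
    struct pkt_desc d;
    int rc = parse_frame(SAMPLE_FRAME, sizeof SAMPLE_FRAME, &d);

    printf("rc=%d vlan=%u proto=%u sport=%u dport=%u syn=%u\n", rc,
           (unsigned)d.vlan, (unsigned)d.protocol, (unsigned)d.src_port,
           (unsigned)d.dst_port, (unsigned)d.syn);
    /* The same frame cut off inside the TCP header is rejected. */
    printf("truncated rc=%d\n", parse_frame(SAMPLE_FRAME, 45, &d));
    return 0;
}
```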
In the prior art, some network card control chips can perform simple classification on the Ethernet card, for example classification by two-tuple, but this only suits simple scenarios. For example, in a certain application scenario the system acquires Ethernet messages of 10 service types (message 1, message 2, …) and must process them. Under the prior-art scheme, the messages have to be handed to different upper-layer applications for processing. Under the method provided by the embodiment of the application, the system is provided with multiple classifiers (a first classifier, a second classifier, …, an Nth classifier), and the Ethernet messages of the 10 service types are matched against each of them. The combination of multiple classifiers classifies the messages before the upper-layer application further processes the data, so the upper-layer application's processing of Ethernet messages becomes more flexible.
The embodiments of the application provide an Ethernet message classification method and device based on multiple classifiers, applied to an ASIC chip. In the method, the acquired Ethernet message is parsed to obtain domain segment information. The method uses multiple classifiers, each of which can match domain segment information of a different type. The parsed domain segment information is matched against the classifiers; when it matches at least one classifier, the corresponding Ethernet message is sent into the corresponding queue of the matched classifier. The method and device solve the problems of the prior art, in which the complex Ethernet message processing is handed entirely to upper-layer software and the host CPU (Central Processing Unit), so that processing efficiency is low and precious computing resources of the host CPU are consumed, making the host CPU run slowly. Because the method and device are applied to an ASIC chip, Ethernet messages are classified before their processing is handed to upper-layer software and the host CPU. This gives the upper-layer application great flexibility in further processing the messages, improves Ethernet message processing efficiency, avoids consuming the computing resources of the host CPU, and improves the running speed of the host CPU.
The plurality of classifiers may include: an Ether type classifier, a quintuple/SYN-based classifier, a HASH-based table look-up classifier, and an RSS (Receive-Side Scaling) based classifier. The embodiment supports the classification modes of all these classifiers, but a conflict arises when one Ethernet message satisfies the classification modes of different classifiers at the same time, so the embodiment also assigns priorities to the classification modes of the various classifiers. Referring to the workflow diagram shown in fig. 2 and the logic framework diagram of fig. 3, matching the domain segment information with the plurality of classifiers respectively includes the following steps:
Step S201, matching the domain segment information with the Ether type classifier, and if the domain segment information is matched with the Ether type classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the Ether type classifier.
The embodiment includes 8 Ether type classifiers. In this step, the Ether type classifiers match the Ether type field information obtained by parsing in step S101 against the 8 Ether types supported in the embodiment; if the parsed Ether type field information meets the matching requirement, the Ethernet message corresponding to the field information is sent into the corresponding queue according to the queue number of the matching Ether type classifier. The Ether types supported by the Ether type classifier can be configured by the system through the PCIe bus, which makes it convenient to support different types of application scenarios. If the parsed Ether type field information does not meet the matching requirement, step S202 is executed.
Step S202, if the domain segment information is not matched with the Ether type classifier, the domain segment information is matched with the five-tuple/SYN-based classifier, and if the domain segment information is matched with the five-tuple/SYN-based classifier, the Ethernet message corresponding to the domain segment information is sent into a corresponding queue of the five-tuple/SYN-based classifier.
In this step, the quintuple of the quintuple classifier consists of Source IP, Destination IP, Protocol, Source Port and Destination Port. After the parsing module has extracted the quintuple information from the Ethernet message, the quintuple classifier compares it with the quintuple configurations in the system one by one and, when the matching requirement is met, sends the Ethernet message into the corresponding queue according to the queue number of the matching classifier. The embodiment of the application supports 64 groups of quintuple configuration, that is, Ethernet messages can be matched to at most 64 different queues. In addition, the quintuple can be masked bit by bit, which lets users perform fuzzier and more flexible classification. For example, with a bit mask the user can send all messages whose source IP has its lower 4 bits equal to 0 into one queue without specifying the exact source IP. In fuzzy matching, the same message may match several quintuple filters at once, so the priority of the quintuple filters can be configured. When one message matches several quintuple filters at the same time, the queue number of the quintuple filter is selected according to priority. SYN is a specific field in the TCP message. In the embodiment of the present application, the SYN field parsed from the Ethernet message is matched against the field of the SYN classifier, and if the matching requirement is met, the message is sent to the corresponding queue. This classification can prevent certain SYN network attacks and also makes it convenient for security software to monitor and handle SYN attacks.
If the domain segment information does not match the five-tuple/SYN-based classifier, step S203 is performed.
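The bit-masked quintuple match, filter priority and SYN steering described in step S202, as an added example that is not code from the patent. The struct and function names are assumptions, as are the conventions that a mask bit of 1 means "compare this bit", that a larger priority value wins, and that the SYN filter is consulted after the quintuple filters; the filter table is constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define NUM_FILTERS 64      /* the page supports 64 groups of quintuple configuration */
#define NO_MATCH    (-1)    /* fall through to the HASH-based classifier (S203) */

struct five_tuple {
    uint32_t src_ip, dst_ip;
    uint16_t src_port, dst_port;
    uint8_t  protocol;
};

/* One quintuple filter. Field names, "mask bit 1 = compare this bit" and
 * "larger priority wins" are assumptions of this example. */
struct tuple_filter {
    struct five_tuple value, mask;
    uint8_t priority, queue, enabled;
};

struct syn_filter { uint8_t enabled, queue; };

static int filter_hits(const struct tuple_filter *f, const struct five_tuple *t)
{
    return f->enabled
        && ((t->src_ip   ^ f->value.src_ip)   & f->mask.src_ip)   == 0
        && ((t->dst_ip   ^ f->value.dst_ip)   & f->mask.dst_ip)   == 0
        && ((t->src_port ^ f->value.src_port) & f->mask.src_port) == 0
        && ((t->dst_port ^ f->value.dst_port) & f->mask.dst_port) == 0
        && ((t->protocol ^ f->value.protocol) & f->mask.protocol) == 0;
}

/* Returns the queue number, or NO_MATCH. Every filter is evaluated so that an
 * overlap between fuzzy filters is resolved by priority, not by table order;
 * equal priorities fall back to the lower table index. */
int classify_tuple_syn(const struct tuple_filter *tbl, size_t n,
                       const struct syn_filter *syn,
                       const struct five_tuple *t, int tcp_syn)
{
    int best = NO_MATCH;
    size_t i;

    for (i = 0; i < n && i < NUM_FILTERS; i++)
        if (filter_hits(&tbl[i], t) &&
            (best == NO_MATCH || tbl[i].priority > tbl[best].priority))
            best = (int)i;
    if (best != NO_MATCH)
        return tbl[best].queue;
    /* Assumption: the SYN filter is consulted after the quintuple filters. */
    if (syn->enabled && t->protocol == 6 && tcp_syn)
        return syn->queue;
    return NO_MATCH;
}

/* Constructed configuration:
 *  [0] any message whose source IP has its lower 4 bits equal to 0 -> queue 3
 *  [1] TCP to 198.51.100.20:443, higher priority                   -> queue 5
 *  SYN filter: remaining TCP SYNs -> queue 7, where security software can
 *  watch them without competing with established flows. */
static const struct tuple_filter SAMPLE_FILTERS[2] = {
    { .value = { .src_ip = 0 }, .mask = { .src_ip = 0x0000000Fu },
      .priority = 1, .queue = 3, .enabled = 1 },
    { .value = { .dst_ip = 0xC6336414u, .dst_port = 443, .protocol = 6 },
      .mask  = { .dst_ip = 0xFFFFFFFFu, .dst_port = 0xFFFF, .protocol = 0xFF },
      .priority = 2, .queue = 5, .enabled = 1 },
};
static const struct syn_filter SAMPLE_SYN = { .enabled = 1, .queue = 7 };

int sample_queue(uint32_t src_ip, uint32_t dst_ip, uint16_t sport,
                 uint16_t dport, uint8_t proto, int tcp_syn)
{
    struct five_tuple t = { src_ip, dst_ip, sport, dport, proto };
    return classify_tuple_syn(SAMPLE_FILTERS, 2, &SAMPLE_SYN, &t, tcp_syn);
}

int main(void)
{
    /* 10.0.0.16 -> 198.51.100.20:443 hits both filters; priority picks queue 5. */
    printf("overlap  -> %d\n", sample_queue(0x0A000010u, 0xC6336414u, 40000, 443, 6, 0));
    /* 10.0.0.17 -> 203.0.113.9:80 SYN hits no quintuple filter; SYN queue 7. */
    printf("bare SYN -> %d\n", sample_queue(0x0A000011u, 0xCB007109u, 40000, 80, 6, 1));
    /* Same flow without SYN falls through to the next classifier. */
    printf("no match -> %d\n", sample_queue(0x0A000011u, 0xCB007109u, 40000, 80, 6, 0));
    return 0;
}
```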
Step S203, if the domain segment information is not matched with the five-tuple/SYN-based classifier, matching the domain segment information with the HASH-based table look-up classifier, and if the domain segment information is matched with the HASH-based table look-up classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the HASH-based table look-up classifier.
The embodiment of the application supports 8192 HASH classifiers in this step. Specifically, it is judged whether the domain segment information includes at least one of VLAN, Source IP, Destination IP, Protocol, Source Port, and Destination Port information. If so, the at least one of VLAN, Source IP, Destination IP, Protocol, Source Port and Destination Port information in the domain segment information is combined with any two bytes of data in the Ethernet message, and an AND operation is performed on the combined data and the mask to obtain mask data. The mask data is sent to a HASH calculation module for calculation to obtain HASH data. The HASH table look-up classifier then looks up the HASH data, and the Ethernet message corresponding to the HASH data is sent into the corresponding queue of the HASH-based table look-up classifier according to the query result.
For example, the processing flow of the HASH classifier is shown in fig. 4. The HASH classifier combines the VLAN, Source IP, Destination IP, Protocol, Source Port and Destination Port parsed by the parsing module with any 2 bytes of data within the first 1024 bytes of the message, selected according to user configuration, and then ANDs the combined information with the mask, finally forming at most 350 bits of information that are sent to the HASH calculation module for processing. After the HASH calculation module has calculated a 13-bit HASH result from the input information, the classifier looks up the 8192 HASH classifiers with that result and sends the message into the corresponding queue according to the queue number configured for the matching classifier, so that received messages are distributed to several different buckets (queues). The message data entering from the queue inlet includes: key value, VLAN (virtual local area network), Source IP (source address), Destination IP (destination address), Source Port, Destination Port, Protocol, FLEX (symbol of field data in a message), FlexOffset (symbol of field data in a message), Collision Flag (symbol of field data in a message), and act.
To implement the classification process of the HASH classifier, the following is pseudo code of the HASH calculation method:
For (i = 0 to 350) { if (Ext_K[i]) then Hash[15:0] = Hash[15:0] XOR Ext_S[15+i:i] };
wherein Ext_S[365:0] = {S[14:0], S[335:321]}, S is the input data bit stream, 336 bits in total, and the structure of S is shown in the following table:
K[31:0] is a HASH Key value configured by a user through a PCIe bus;
Tmp_K[351:0] = {11{K[31:0]}};
Ext_K = Tmp_K[351:1];
Flexible bytes: the user can configure an OFFSET through the PCIe bus, where the OFFSET is smaller than 1024 and larger than 0, and the embodiment of the application obtains the corresponding 2 bytes of data in the message according to the OFFSET to participate in HASH calculation.
If the domain segment information does not match the HASH-based table look-up classifier, step S204 is performed.
Step S204: if the domain segment information is not matched with the classifier based on HASH table lookup, the domain segment information is matched with the RSS classifier, and if the domain segment information is matched with the RSS classifier, the Ethernet message corresponding to the domain segment information is sent to a corresponding queue based on the RSS classifier. The RSS classifier is a mechanism that distributes received messages to several different queues; software then assigns each queue to a different processor, so that the burden of message processing is shared evenly among several processors. Fig. 5 is a schematic view of the workflow of the RSS classifier; the embodiment of the present application uses RSS as a part of the packet distribution policy. RSS (Receive Side Scaling) is a network card driver technology that enables efficient distribution of received messages among multiple CPUs in a multiprocessor system. First, the message is parsed to obtain the domain segment information, and a HASH value is calculated from the domain segment information by the configured HASH function. The low-order bits of the HASH value (the number of bits differs between network cards) are used as the index of an entry in a Redirection table, here a 7-bit index; the queue number of the message is obtained from the value stored in that entry, and the message is then distributed to the corresponding queue. The user can configure the table entries through the PCIe bus as required. The RSS classifier uses the field information obtained by message parsing (e.g., IP address, TCP port, etc.) as the input of the HASH calculation. The embodiment of the application supports the Microsoft MSFTRSS HASH function. Only IP packets can participate in RSS HASH, and all packets that cannot participate in RSS HASH have a queue number of 0.
The RSS HASH calculation pseudo-code is as follows:
ComputeHash(input[], n)
    result = 0
    For each bit b in input[] from left to right
    {
        If (b == 1) result ^= (left-most 32 bits of K)
        Shift K left 1 bit position
    }
    Return result
K is the HASH Key; it is stored in a register, and the user can configure it through the PCIe bus.
According to the RSS HASH calculation procedure, the following are examples of six cases in which HASH is performed:
First, Hash of IPv4 with TCP:
The source address, destination address, source port and destination port are put into a single byte array, preserving the order in which they appear in the message: Input[12] = @12-15, @16-19, @20-21, @22-23.
Result = ComputeHash(Input, 12);
Second, Hash of IPv4 with UDP:
The source address, destination address, source port and destination port are put into a single byte array, preserving the order in which they appear in the message: Input[12] = @12-15, @16-19, @20-21, @22-23.
Result = ComputeHash(Input, 12);
Third, Hash of IPv4 without TCP:
The source address and destination address are placed into a single byte array:
Input[8] = @12-15, @16-19.
Result = ComputeHash(Input, 8);
Fourth, Hash of IPv6 with TCP:
The source address, destination address, source port and destination port are placed into a single byte array: Input[36] = @8-23, @24-39, @40-41, @42-43.
Result = ComputeHash(Input, 36);
Fifth, Hash of IPv6 with UDP:
The source address, destination address, source port and destination port are placed into a single byte array: Input[36] = @8-23, @24-39, @40-41, @42-43.
Result = ComputeHash(Input, 36);
Sixth, Hash of IPv6 without TCP:
The source address and destination address are placed into a single byte array: Input[32] = @8-23, @24-39.
Result = ComputeHash(Input, 32);
Wherein: @x-y denotes bytes x to y (inclusive) of the incoming message, where byte 0 is the first byte of the IP header. In other words, all byte offsets are treated as offsets into a message from which the framing layer header has been removed. Thus, the IPv4 source address is denoted as @12-15, and the IPv4 destination address is denoted as @16-19. @x-y, @v-w denotes the concatenation of bytes v-w after bytes x-y, preserving their order of occurrence in the data packet.
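The ComputeHash pseudo-code, the @x-y input selection and the 7-bit Redirection table lookup described above, as a runnable Python example added here (it is not code from the patent). The key is the 40-byte key from Microsoft's published RSS hash verification suite; the helper names, the 128-entry table contents and the sample packet are constructed for illustration, and the IHL check on IPv4 is an assumption the page does not state.

```python
import ipaddress
import struct

# 40-byte key published in Microsoft's RSS hash verification suite. On the
# device described above K is a register the user configures over PCIe.
MS_VERIFY_KEY = bytes.fromhex(
    "6d5a56da255b0ec24167253d43a38fb0d0ca2bcbae7b30b4"
    "77cb2da38030f20c6a42b73bbeac01fa"
)


def compute_hash(data: bytes, key: bytes = MS_VERIFY_KEY) -> int:
    """ComputeHash from the pseudo-code: for every 1 bit of the input, XOR in
    the left-most 32 bits of K, then shift K left by one bit position."""
    key_bits = len(key) * 8
    if key_bits < len(data) * 8 + 31:
        raise ValueError("key too short for this input length")
    k = int.from_bytes(key, "big")
    result = 0
    for i in range(len(data) * 8):
        if data[i // 8] & (0x80 >> (i % 8)):  # bit i, read left to right
            # K shifted left i times == the 32-bit window starting at bit i
            result ^= (k >> (key_bits - 32 - i)) & 0xFFFFFFFF
    return result


def rss_input(ip_packet: bytes):
    """Select the hashed bytes with the @x-y offsets (byte 0 = first byte of
    the IP header). Returns None for packets that cannot take part in RSS."""
    if not ip_packet:
        return None
    version = ip_packet[0] >> 4
    if version == 4 and len(ip_packet) >= 20:
        proto, addrs, l4 = ip_packet[9], ip_packet[12:20], ip_packet[20:24]
        # Assumption: @20-23 are the ports only when IHL == 5 (no IP options)
        has_ports = proto in (6, 17) and (ip_packet[0] & 0x0F) == 5
    elif version == 6 and len(ip_packet) >= 40:
        proto, addrs, l4 = ip_packet[6], ip_packet[8:40], ip_packet[40:44]
        has_ports = proto in (6, 17)
    else:
        return None
    if has_ports and len(l4) == 4:
        return addrs + l4      # the "with TCP" / "with UDP" cases
    return addrs               # the address-only cases


def select_queue(ip_packet: bytes, table, key: bytes = MS_VERIFY_KEY) -> int:
    """Low 7 bits of the hash index the Redirection table; packets that cannot
    take part in RSS HASH get queue number 0, as the description states."""
    data = rss_input(ip_packet)
    if data is None:
        return 0
    return table[compute_hash(data, key) & 0x7F]


def build_ipv4_tcp(src: str, dst: str, sport: int, dport: int) -> bytes:
    """Constructed sample: a minimal IPv4 header (IHL=5) plus the TCP ports."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, 6, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr + struct.pack("!HH", sport, dport)


# Constructed inputs: the first flow of Microsoft's verification suite and a
# 128-entry Redirection table that spreads the indexes over 16 queues.
SAMPLE = build_ipv4_tcp("66.9.149.187", "161.142.100.80", 2794, 1766)
TABLE = [i % 16 for i in range(128)]

if __name__ == "__main__":
    h = compute_hash(rss_input(SAMPLE))
    print(f"hash=0x{h:08x} index={h & 0x7F} queue={select_queue(SAMPLE, TABLE)}")
```

Because the hash is an XOR of key windows, the queue a flow lands in is fully determined by K and the Redirection table, which is why both are left to the user to configure.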
The method of the embodiment of the present application may further include, if the domain segment information is not matched with the classifier, discarding the ethernet packet corresponding to the domain segment information.
The following are embodiments of the apparatus of the present application that may be used to perform embodiments of the method of the present application. For details which are not disclosed in the embodiments of the apparatus of the present application, reference is made to the embodiments of the method of the present application. Referring to the schematic structural diagram shown in fig. 6, an embodiment of the present application provides an ethernet packet classification device based on multiple classifiers, where the device includes:
the analysis module U1001 is configured to perform domain segment analysis on the acquired ethernet packet to obtain domain segment information of the ethernet packet;
the classification module U1002 is configured to match the domain segment information with multiple classifiers, and send the ethernet packet corresponding to the domain segment information to a corresponding queue of the classifier that matches the domain segment information if the domain segment information matches at least one of the classifiers.
Specifically, the domain segment information may include: at least one of message length, Ether Type, Source MAC, Destination MAC, Source IP, Destination IP, Protocol, Source Port, Destination Port, SYN field of TCP message, and VLAN. The plurality of classifiers may include: an Ether type classifier, a quintuple/SYN based classifier, a HASH based look-up table classifier, and an RSS based classifier.
The classification module U1002 may include:
a first sub-classification module U2001, configured to match the domain segment information with the Ether type classifier, and if the domain segment information matches the Ether type classifier, send the ethernet packet corresponding to the domain segment information to a corresponding queue of the Ether type classifier;
a second sub-classification module U2002, configured to, if the domain segment information is not matched with the Ether type classifier, match the domain segment information with the quintuple/SYN-based classifier, and if the domain segment information is matched with the quintuple/SYN-based classifier, send the ethernet packet corresponding to the domain segment information to a corresponding queue based on the quintuple/SYN classifier;
a third sub-classification module U2003, configured to match the domain segment information with the HASH-based table look-up classifier if the domain segment information is not matched with the five-tuple/SYN-based classifier, and send an ethernet packet corresponding to the domain segment information into a corresponding queue of the HASH-based table look-up classifier if the domain segment information is matched with the HASH-based table look-up classifier;
a fourth sub-classification module U2004, configured to match the domain segment information with the RSS-based classifier if the domain segment information is not matched with the HASH-based table look-up classifier, and send the ethernet packet corresponding to the domain segment information into the corresponding queue based on the RSS classifier if the domain segment information is matched with the RSS-based classifier.
Optionally, the third sub-classification module includes:
a judging unit, configured to judge whether the domain segment information includes at least one of VLAN, Source IP, Destination IP, Protocol, Source Port, and Destination Port information;
a mask AND unit, configured to combine at least one of VLAN, Source IP, Destination IP, Protocol, Source Port, and Destination Port in the domain segment information with data of any two bytes in the ethernet packet, and AND the combined data with the mask to obtain mask data, if the domain segment information includes at least one of VLAN, Source IP, Destination IP, Source Port, and Destination Port;
the computing unit is used for sending the mask data to the HASH computing module for computing to obtain HASH data;
and the classification unit is used for searching the HASH data by using the HASH table look-up classifier and sending the Ethernet message corresponding to the HASH data into the corresponding queue based on the HASH table look-up classifier according to a query result.
Optionally, the apparatus further comprises:
and the discarding module is used for discarding the Ethernet message corresponding to the domain segment information if the domain segment information is not matched with the classifier.
In a specific implementation, the present application further provides a computer storage medium, where the computer storage medium may store a program, and the program may include some or all of the steps in each embodiment of the rule-based message detection method provided in the present application when executed. The storage medium may be a magnetic disk, an optical disk, a ROM (read-only memory), a RAM (random access memory), or the like.
Those skilled in the art will clearly understand that the techniques in the embodiments of the present application may be implemented by way of software plus a required general hardware platform. Based on such understanding, the technical solutions in the embodiments of the present application may be essentially implemented or a part contributing to the prior art may be embodied in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the embodiments or some parts of the embodiments of the present application.
The same and similar parts in the various embodiments in this specification may be referred to each other. In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is simple, and the relevant points can be referred to the description in the method embodiment.
The present application has been described in detail with reference to specific embodiments and illustrative examples, but the description is not intended to limit the application. Those skilled in the art will appreciate that various equivalent substitutions, modifications or improvements may be made to the presently disclosed embodiments and implementations thereof without departing from the spirit and scope of the present disclosure, and these fall within the scope of the present disclosure. The protection scope of this application is subject to the appended claims.
Claims (12)
1. An Ethernet message classification method based on multiple classifiers is applied to an ASIC chip and comprises the following steps:
carrying out domain section analysis on the acquired Ethernet message to obtain domain section information of the Ethernet message;
matching the domain segment information with a plurality of classifiers respectively;
and if the domain segment information is matched with at least one classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the matched classifier.
2. The method of claim 1, wherein the plurality of classifiers comprises: an Ether type classifier, a quintuple/SYN based classifier, a HASH based look-up table classifier, and an RSS based classifier.
3. The method of claim 2, wherein said matching the domain segment information to a plurality of classifiers, respectively, comprises:
matching the domain segment information with the Ether type classifier, and if the domain segment information is matched with the Ether type classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the Ether type classifier;
if the domain segment information is not matched with the Ether type classifier, matching the domain segment information with the five-tuple/SYN-based classifier, and if the domain segment information is matched with the five-tuple/SYN-based classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue based on the five-tuple/SYN classifier;
if the domain segment information is not matched with the five-tuple/SYN-based classifier, matching the domain segment information with the HASH table look-up-based classifier, and if the domain segment information is matched with the HASH table look-up-based classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the HASH table look-up-based classifier;
and if the domain segment information is not matched with the table look-up classifier based on HASH, matching the domain segment information with the RSS classifier, and if the domain segment information is matched with the RSS classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue based on the RSS classifier.
4. The method of claim 2, wherein the domain segment information comprises: at least one of message length, Ether Type, Source MAC, Destination MAC, Source IP, Destination IP, Protocol, Source Port, Destination Port, SYN field of TCP message, and VLAN.
5. The method of claim 4, wherein the matching the domain segment information to the HASH-based look-up table classifier if the domain segment information does not match the five-tuple/SYN-based classifier, and the enqueuing an ethernet packet corresponding to the domain segment information to a corresponding queue of the HASH-based look-up table classifier if the domain segment information matches the HASH-based look-up table classifier comprises:
judging whether the domain segment information comprises at least one of VLAN, Source IP, Destination IP, Protocol, Source Port and Destination Port information;
if the domain segment information comprises at least one of VLAN, Source IP, Destination IP, Protocol, Source Port and Destination Port information, combining the at least one of VLAN, Source IP, Destination IP, Protocol, Source Port and Destination Port information in the domain segment information with any two bytes of data in the Ethernet message, and performing AND operation on the combined data and the mask to obtain mask data;
sending the mask data to a HASH calculation module for calculation to obtain HASH data;
searching the HASH data by using the HASH table look-up classifier, and sending the Ethernet message corresponding to the HASH data into the corresponding queue based on the HASH table look-up classifier according to a query result.
6. The method of claim 1, wherein the method further comprises: and if the domain segment information is not matched with the classifier, discarding the Ethernet message corresponding to the domain segment information.
7. An ethernet packet classification apparatus based on multiple classifiers, wherein the apparatus is applied to an ASIC chip, and the apparatus comprises:
the analysis module is used for carrying out domain section analysis on the acquired Ethernet message to obtain domain section information of the Ethernet message;
and the classification module is used for respectively matching the domain segment information with a plurality of classifiers, and if the domain segment information is matched with at least one classifier, sending the Ethernet message corresponding to the domain segment information into a corresponding queue of the matched classifier.
8. The apparatus of claim 7, wherein the plurality of classifiers comprises: an Ether type classifier, a quintuple/SYN based classifier, a HASH based look-up table classifier, and an RSS based classifier.
9. The apparatus of claim 8, wherein the classification module comprises:
the first sub-classification module is used for matching the domain section information with the Ether type classifier, and if the domain section information is matched with the Ether type classifier, the Ethernet message corresponding to the domain section information is sent to a corresponding queue of the Ether type classifier;
a second sub-classification module, configured to match the domain segment information with the quintuple/SYN-based classifier if the domain segment information is not matched with the Ether type classifier, and send the ethernet packet corresponding to the domain segment information into a corresponding queue based on the quintuple/SYN classifier if the domain segment information is matched with the quintuple/SYN-based classifier;
a third sub-classification module, configured to match the domain segment information with the HASH-based table look-up classifier if the domain segment information is not matched with the five-tuple/SYN-based classifier, and send an ethernet packet corresponding to the domain segment information to a corresponding queue of the HASH-based table look-up classifier if the domain segment information is matched with the HASH-based table look-up classifier;
and the fourth sub-classification module is used for matching the domain segment information with the RSS-based classifier if the domain segment information is not matched with the HASH-based table look-up classifier, and sending the Ethernet message corresponding to the domain segment information into a corresponding queue based on the RSS classifier if the domain segment information is matched with the RSS-based classifier.
10. The apparatus of claim 8, wherein the domain segment information comprises: at least one of message length, EtherType, Source MAC, Destination MAC, Source IP, Destination IP, Protocol, Source Port, Destination Port, SYN field of TCP message, and VLAN.
11. The apparatus of claim 10, wherein the third sub-classification module comprises:
a judging unit, configured to judge whether the domain segment information includes at least one of VLAN, Source IP, Destination IP, Protocol, Source Port, and Destination Port information;
a mask AND unit, configured to combine at least one of VLAN, Source IP, Destination IP, Protocol, Source Port, and Destination Port in the domain segment information with data of any two bytes in the ethernet packet, and AND the combined data with the mask to obtain mask data, if the domain segment information includes at least one of VLAN, Source IP, Destination IP, Source Port, and Destination Port;
the computing unit is used for sending the mask data to the HASH computing module for computing to obtain HASH data;
and the classification unit is used for searching the HASH data by using the HASH table look-up classifier and sending the Ethernet message corresponding to the HASH data into the corresponding queue based on the HASH table look-up classifier according to a query result.
12. The apparatus of claim 7, further comprising:
and the discarding module is used for discarding the Ethernet message corresponding to the domain segment information if the domain segment information is not matched with the classifier.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911106457.XA CN110852391A (en) | 2019-11-13 | 2019-11-13 | Ethernet message classification method and device based on multiple classifiers |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110852391A true CN110852391A (en) | 2020-02-28 |